"SystemBC Malware's C2 Server Analysis Exposes Payload Delivery Tricks"

Researchers have provided further details regarding the Command-and-Control (C2) server operations of SystemBC, a malware family. SystemBC can be purchased on underground markets and comes in an archive that includes the implant, a C2 server, and a PHP-based web administration portal. Kroll, a risk and financial advisory solutions provider, reported an increase in the use of the malware in the second and third quarters of 2023. SystemBC, which was first detected in the wild in 2018, enables threat actors to remotely control a compromised host and deliver additional payloads such as trojans, Cobalt Strike, and ransomware. It also supports the launch of ancillary modules, expanding its core functionality. This article continues to discuss findings regarding the SystemBC malware family.

THN reports "SystemBC Malware's C2 Server Analysis Exposes Payload Delivery Tricks"

Submitted by grigby1
